36 matches found

OSV
added 2026/05/25 8:23 a.m., 3 views

CLSA-2026-1779697425 postgresql: Fix of CVE-2026-6478

CVE-2026-6478: backport upstream prerequisite that introduces the timingsafe_bcmp constant-time memory comparison helper, then apply it to SCRAM and MD5 authentication paths that previously used memcmp or strcmp on password hashes, computed keys, and SCRAM nonces, to prevent timing-side-channel...

CVSS 6.5, AI score 5.8, EPSS 0.00076
Exploits: 0, References: 1

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: MAC comparisons need to be performed in constant time. To prevent timing attacks, MAC comparisons must be done in constant time. Replace the memcmp function with the correct function, crypto_memneq...

CVSS 7.4, AI score 5.7, EPSS 0.00052
Exploits: 0, References: 1

EUVD
added 2026/05/20 5:45 a.m., 4 views

EUVD-2026-31069

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass...

CVSS 8.1, AI score 5.8, EPSS 0.00085
Exploits: 0, References: 3

OSV
added 2026/05/19 12:45 a.m., 3 views

CLSA-2026-1779120347 gnutls: Fix of CVE-2026-3833

CVE-2026-3833: fix nameConstraints dNSName/rfc822Name case-sensitive memcmp bypass...

CVSS 7.4, AI score 5.8, EPSS 0.00129
Exploits: 1, References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasan_check_range+0xe8/0x190 __asan_loadN+0x1c/0x28 memcmp+0x98/0xd0...

CVSS 7.1, AI score 6.7, EPSS 0.00022
Exploits: 0, References: 2

EUVD
added 2026/04/03 6:31 p.m., 5 views

EUVD-2026-18749

In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use __builtin_dynamic_object_size when available" produces the warning below and an oops. Searchi...

AI score 5.9, EPSS 0.00015
Exploits: 0, References: 7

CVE
added 2026/03/25 10:27 a.m., 5 views

CVE-2026-23364

CVE-2026-23364 concerns the Linux kernel’s ksmbd path, where MAC comparisons were not performed in constant time. The underlying issue is a timing-attack-prone memcmp() usage; the recommended fix is to replace memcmp() with crypto_memneq() to ensure constant-time comparisons. The vulnerability is...

CVSS 7.4, AI score 5.6, EPSS 0.00052
Exploits: 0, References: 6, Affected Software: 1

ATTACKERKB
added 2026/03/25 10:27 a.m., 2 views

CVE-2026-23364

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp with the correct function, crypto_memneq...

AI score 5.6, EPSS 0.00052
Exploits: 0, References: 7, Affected Software: 1

Vulnrichment
added 2026/03/11 1:19 p.m., 1 views

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x86_64 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

AI score 5.8, EPSS 0.00016
Exploits: 1, References: 4

Tenable Nessus
added 2025/11/18 12:0 a.m., 4 views

FreeBSD : OpenVPN -- HMAC verification on source IP address ineffective (17a40d76-c3fd-11f0-b513-0da7be77c170)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 17a40d76-c3fd-11f0-b513-0da7be77c170 advisory. Arne Schwabe reports: Fix memcmp check for the hmac verification in the 3way handshake being inverted...

CVSS 8.2, AI score 7.3, EPSS 0.00052
Exploits: 0, References: 3

Tenable Nessus
added 2025/10/11 12:0 a.m., 2 views

EulerOS 2.0 SP11 : grub2 (EulerOS-SA-2025-2227)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks. CVE-2024-56738...

CVSS 5.3, AI score 7, EPSS 0.00038
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2016-8805

Malware in sbrugna...

CVSS 7.5, AI score 7.4, EPSS 0.00333
Exploits: 0, References: 8

OSV
added 2025/06/27 1:16 p.m., 1 views

OESA-2025-1675 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-chann...

CVSS 5.3, AI score 7, EPSS 0.00038
Exploits: 0, References: 2

Tenable Nessus
added 2024/07/16 12:0 a.m., 22 views

RHEL 6 : libssh2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libssh2: Out-of-bounds memory comparison with specially crafted message channel request CVE-2019-3862 - A...

CVSS 9.1, AI score 9.2, EPSS 0.06559
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 4:16 a.m., 1 views

SUSE CVE-2019-7309

In the GNU C Library aka glibc or libc6 through 2.29, the memcmp function for the x32 architecture can incorrectly return zero indicating that the inputs are equal because the RDX most significant bit is mishandled...

CVSS 5.5, AI score 9.6, EPSS 0.00217
Exploits: 1, References: 3

Debian
added 2023/02/08 11:57 a.m., 63 views

[SECURITY] [DLA 3311-1] heimdal security update

Debian LTS Advisory DLA-3311-1 [email protected] https://www.debian.org/lts/security/ Helmut Grohne February 08, 2023 https://wiki.debian.org/LTS Package : heimdal Version : 7.5.0+dfsg-3+deb10u2 CVE ID : CVE-2022-45142 Debian Bug : 1030849 I discovered a flaw in Heimdal, an implementati...

CVSS 7.5, AI score 6.5, EPSS 0.00727
Exploits: 0

CNNVD
added 2021/08/02 12:0 a.m., 2 views

Pengutronix barebox information disclosure vulnerability

Pengutronix barebox is a bootloader used in embedded Linux systems. A security vulnerability exists in barebox, which leaks timing information in crypto digest.c in Pengutronix barebox through 2021.07.0 due to the use of memcmp during digest validation...

CVSS 7.5, AI score 7.3, EPSS 0.00316
Exploits: 1, References: 3

Tenable Nessus
added 2019/08/12 12:0 a.m., 29 views

RHEL 7 : libssh2 (RHSA-2019:1884)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1884 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fixes: libssh2: Out-of-bounds memory comparison with specially...

CVSS 9.1, AI score 7.4, EPSS 0.06559
Exploits: 0, References: 5

RedHat Linux
added 2019/07/29 3:32 p.m., 314 views

Moderate: Red Hat Security Advisory: libssh2 security update

An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 9.1, AI score 7, EPSS 0.06559
Exploits: 0, References: 2

Mageia
added 2019/04/10 9:25 p.m., 50 views

Updated libssh2 packages fix security vulnerability

Possible integer overflow in transport read allows out-of-bounds write. CVE-2019-3855 Possible integer overflow in keyboard interactive handling allows out-of-bounds write. CVE-2019-3856 Possible integer overflow leading to zero-byte allocation and out-of-bounds write. CVE-2019-3857 Possible...

CVSS 9.3, AI score 3.2, EPSS 0.16241
Exploits: 0, References: 3